Edward Snowden’s disclosure of National Security Administration surveillance practices has provoked a public debate about the merits of establishing an international standard for privacy and data protection. Officials from a number of countries, including Brazil, Uruguay, Denmark, Holland, and Hungary, have expressed interest in such a standard. Perhaps the most intriguing development thus far is a proposal by Germany’s federal data protection officer, Peter Schaar, who has proposed adding a protocol to Article 17 of the United Nations’ International Covenant on Civil and Political Rights, which protects against “arbitrary or unlawful interference with…privacy, family, home or correspondence.”1 This proposal, and the debate that accompanies it, have raised two key questions: 1) Is creating an enforceable global privacy standard even possible?; and, 2) If so, what form should this standard take?